Safety difference between adding a PPA and manually installing a deb package

Question

I would like difference with regard to safety between installing software by adding a PPA or by using a .deb package.

For example, I found a specific application in GitHub and I want to install it. The instructions to install include two options:

Option 1 - Via PPA

sudo add-apt-repository ppa:ppaName
sudo apt-get update
sudo apt-get install software Name

Option 2 - From Package

wget https://github.com/path/to/software/download/v1.0/SoftwareName.deb
sudo apt-get install gdebi
sudo gdebi SoftwareName.deb

Since the reliability of a PPA depends of many factors, is safer install it by downloading a deb package?

Are there any safety differences between these two methods?

In most cases you will not find deb files in github. – Pilot6 Feb 15 '16 at 16:14 — Pilot6, Feb 15 '16 at 16:14

score 5 · Accepted Answer · answered Feb 15 '16 at 15:27

5

If you trust the provider, it's OK to install from PPA. The advantage of getting software from PPA is that you get automatic updates, which doesn't happen if you install from a Debian (.deb) package.

About security, there isn't much difference between one method and another. If you install an X package through PPA using apt-get, what happens is basically the download of its .deb and its installation with dpkg.

So, overall, it's better to use PPA over manual installation, due to automatic updates.

answered Feb 15 '16 at 15:27

Eduardo Cola

5,817

1

Automatic updates may be not good if a maintainer pushes a buggy version. like I do sometimes ;-) – Pilot6 Feb 15 '16 at 16:15
1

In the other hand, in most cases automatic updates bring important security/bug fixes and new features. – Eduardo Cola Feb 15 '16 at 16:19

Safety difference between adding a PPA and manually installing a deb package

1 Answers1